Abstract:

Data governance (DG) is the combination of the process, procedures, standard, organizational bodies, decision-making, rules, policies, accountabilities to handle the information assets. Data governance has various dimension and elements such as data quality management, data management systems, data security, and data administration. Many organization implement DG due to several reasons like enhancing business revenue, reducing cost and compliance. Moreover, security of the data and data management system are other objectives for adopt DG due to its complication. Every data has threats over the data security management, which needs a proper risk management to control. Risk management is very crucial for every business to incubate and mitigate. Risk assessment is the first step in the risk management approach. There are number of approaches for the risk assessment. ISO 27001 is one of these approaches that identify the risk, analyze and evaluate based on the data security and protection.